sshdfilter - SSH brute force attack blocker

Property Value
Distribution OpenMandriva Lx 3.0
Repository OpenMandriva Contrib Release i586
Package name sshdfilter
Package version 1.5.6
Package release 1-omv2013.0
Package architecture noarch
Package type rpm
Installed size 82.97 KB
Download size 35.61 KB
Official Mirror
sshdfilter blocks the frequent brute force attacks on ssh daemons, it
does this by directly reading the sshd logging output and generating
iptables rules, the process can be quick enough to block an attack
before they get a chance to enter any password at all.
sshdfilter starts sshd itself, having started sshd with the -e and -D
options. This means it can see events as they happen. sshdfilter then
looks for lines of the form:
Did not receive identification string from x.x.x.x
Illegal user x from x.x.x.x
Failed password for illegal user x from x.x.x.x port x ssh2
Failed password for x from x.x.x.x port x ssh2
The former three instantly trigger sshdfilter into creating iptables
rules which block all ssh access from that IP. The latter failure is
given a few chances before it too is blocked. These are in fact example
rules, the exact wording varies between Linux distributions, so
sshdfilter exists as a base program and groups of patterns for each
All new rules are inserted into a custom chain, and to prevent the chain
from becoming overloaded with old rules, rules over a week old are


Package Version Architecture Repository
sshdfilter-1.5.6-1-omv2013.0.noarch.rpm 1.5.6 noarch OpenMandriva Contrib Release
sshdfilter - - -


Name Value
iptables -
openssh-server -
perl(Fcntl) -
perl(IO::Handle) -
perl(POSIX) -
perl(Socket) -
perl(Sys::Syslog) -


Name Value
config(sshdfilter) == 0:1.5.6-1:2013.0
sshdfilter == 0:1.5.6-1:2013.0


Type URL
Binary Package sshdfilter-1.5.6-1-omv2013.0.noarch.rpm
Source Package sshdfilter-1.5.6-1.src.rpm

Install Howto

  1. Enable OpenMandriva Contrib Release repository on Install and Remove Software
  2. Update packages list:
    # urpmi.update -a
  3. Install sshdfilter rpm package:
    # urpmi sshdfilter




2011-03-16 - St?phane T?letch?a <> 0:1.5.6-1mdv2011.0
+ Revision: 645430
- update to new version 1.5.6

See Also

Package Description
sshpass-1.05-1-omv2015.0.i586.rpm Tool for non-interactively performing ssh password authentication
ssl-cert-check-3.3-4-omv2015.0.noarch.rpm SSL certificate expiration checker
sslstrip-0.9-2-omv2013.0.noarch.rpm Tool that provides a demonstration of HTTPS stripping attacks
ssmtp-2.64-7-omv2015.0.i586.rpm A minimal mail-transfer agent which forwards mail to an SMTP server
ssr-0.3.6-1-omv2015.0.i586.rpm A feature-rich screen recorder that supports X11 and OpenGL
sssd-1.9.6-1-omv2015.0.i586.rpm System Security Services Daemon
sssd-client2-1.9.6-1-omv2015.0.i586.rpm SSSD Client libraries for NSS and PAM
sssd-tools-1.9.6-1-omv2015.0.i586.rpm Userspace tools for use with the SSSD
stalonetray-0.8.1-2-omv2015.0.i586.rpm Stand-alone, full-featured system tray
stardict-dalf-2.4.2-2-omv2015.0.noarch.rpm Dal's Russian Dictionary The Devil's Dictionary for StarDict 2 Elements database for StarDict 2 U.S. Gazetteer for StarDict 2 GCIDE english dictionray for StarDict 2 Hitchcock's Bible Names for StarDict 2